VAR-201109-0168
Vulnerability from variot - Updated: 2025-04-11 22:53service.exe in Measuresoft ScadaPro 4.0.0 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) BF, (2) OF, or (3) EF command. Service.exe has multiple boundary errors when processing messages, and sending a specially crafted command to TCP port 11234 can trigger a stack-based buffer overflow. Measuresoft ScadaPro provides integrated data phone, monitoring, logging, report generation and more. Measuresoft ScadaPro has a security vulnerability. The \"xF\" command can be used to call any function in any DLL, such as executing the application via the \"system()\" function in msvcrt.dll. Measuresoft ScadaPro has a security vulnerability and sends a special \"RF\" command to TCP port 11234 to get arbitrary file content. Exploiting these issues could allow remote attackers to perform unauthorized actions using directory traversal strings or to execute arbitrary code or commands within the context of the affected application. Failed attempts will likely cause denial-of-service conditions
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201109-0168",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "scadapro",
"scope": "eq",
"trust": 3.0,
"vendor": "easuresoft",
"version": "4.0.0.0"
},
{
"model": "scadapro",
"scope": "lte",
"trust": 1.8,
"vendor": "measuresoft",
"version": "4.0.0"
},
{
"model": "scadapro",
"scope": "eq",
"trust": 1.6,
"vendor": "measuresoft",
"version": "3.9.11"
},
{
"model": "scadapro",
"scope": "eq",
"trust": 1.6,
"vendor": "measuresoft",
"version": "3.9.10"
},
{
"model": "scadapro",
"scope": "eq",
"trust": 1.6,
"vendor": "measuresoft",
"version": "3.9.13"
},
{
"model": "scadapro",
"scope": "eq",
"trust": 1.6,
"vendor": "measuresoft",
"version": "3.9.15"
},
{
"model": "scadapro",
"scope": "eq",
"trust": 1.6,
"vendor": "measuresoft",
"version": "3.9.12"
},
{
"model": "scadapro",
"scope": "eq",
"trust": 1.6,
"vendor": "measuresoft",
"version": "3.9.9"
},
{
"model": "scadapro",
"scope": "eq",
"trust": 1.6,
"vendor": "measuresoft",
"version": "3.9.6"
},
{
"model": "scadapro",
"scope": "eq",
"trust": 1.6,
"vendor": "measuresoft",
"version": "3.9.14"
},
{
"model": "scadapro",
"scope": "eq",
"trust": 1.6,
"vendor": "measuresoft",
"version": "3.9.8"
},
{
"model": "scadapro",
"scope": "eq",
"trust": 1.6,
"vendor": "measuresoft",
"version": "3.9.7"
},
{
"model": "scadapro",
"scope": "eq",
"trust": 1.0,
"vendor": "measuresoft",
"version": "2.4.3"
},
{
"model": "scadapro",
"scope": "eq",
"trust": 1.0,
"vendor": "measuresoft",
"version": "2.2"
},
{
"model": "scadapro",
"scope": "eq",
"trust": 1.0,
"vendor": "measuresoft",
"version": "3.2.9"
},
{
"model": "scadapro",
"scope": "eq",
"trust": 1.0,
"vendor": "measuresoft",
"version": "2.5.2"
},
{
"model": "scadapro",
"scope": "eq",
"trust": 1.0,
"vendor": "measuresoft",
"version": "2.1"
},
{
"model": "scadapro",
"scope": "eq",
"trust": 1.0,
"vendor": "measuresoft",
"version": "2.4.6"
},
{
"model": "scadapro",
"scope": "eq",
"trust": 1.0,
"vendor": "measuresoft",
"version": "3.3.1"
},
{
"model": "scadapro",
"scope": "eq",
"trust": 1.0,
"vendor": "measuresoft",
"version": "2.5"
},
{
"model": "scadapro",
"scope": "eq",
"trust": 1.0,
"vendor": "measuresoft",
"version": "2.6.0"
},
{
"model": "scadapro",
"scope": "eq",
"trust": 1.0,
"vendor": "measuresoft",
"version": "2.8.0"
},
{
"model": "scadapro",
"scope": "eq",
"trust": 1.0,
"vendor": "measuresoft",
"version": "2.4"
},
{
"model": "scadapro",
"scope": "eq",
"trust": 1.0,
"vendor": "measuresoft",
"version": "3.9.5"
},
{
"model": "scadapro",
"scope": "eq",
"trust": 1.0,
"vendor": "measuresoft",
"version": "2.9.0"
},
{
"model": "scadapro",
"scope": "eq",
"trust": 1.0,
"vendor": "measuresoft",
"version": "2.5.1"
},
{
"model": "scadapro",
"scope": "eq",
"trust": 1.0,
"vendor": "measuresoft",
"version": "2.7.1"
},
{
"model": "scadapro",
"scope": "eq",
"trust": 1.0,
"vendor": "measuresoft",
"version": "2.4.1"
},
{
"model": "scadapro",
"scope": "eq",
"trust": 1.0,
"vendor": "measuresoft",
"version": "2.4.2"
},
{
"model": "scadapro",
"scope": "eq",
"trust": 1.0,
"vendor": "measuresoft",
"version": "3.3.0"
},
{
"model": "scadapro",
"scope": "eq",
"trust": 1.0,
"vendor": "measuresoft",
"version": "3.1.0"
},
{
"model": "scadapro",
"scope": "eq",
"trust": 1.0,
"vendor": "measuresoft",
"version": "2.5.5"
},
{
"model": "scadapro",
"scope": "eq",
"trust": 1.0,
"vendor": "measuresoft",
"version": "3.3.2"
},
{
"model": "scadapro",
"scope": "eq",
"trust": 1.0,
"vendor": "measuresoft",
"version": "2.4.5"
},
{
"model": "scadapro",
"scope": "eq",
"trust": 1.0,
"vendor": "measuresoft",
"version": "3.9.2"
},
{
"model": "scadapro",
"scope": "eq",
"trust": 1.0,
"vendor": "measuresoft",
"version": "2.5.4"
},
{
"model": "scadapro",
"scope": "eq",
"trust": 1.0,
"vendor": "measuresoft",
"version": "2.3"
},
{
"model": "scadapro",
"scope": "eq",
"trust": 1.0,
"vendor": "measuresoft",
"version": "2.4.4"
},
{
"model": "scadapro",
"scope": "eq",
"trust": 1.0,
"vendor": "measuresoft",
"version": "3.9.0"
},
{
"model": "scadapro",
"scope": "eq",
"trust": 1.0,
"vendor": "measuresoft",
"version": "3.9.1"
},
{
"model": "scadapro",
"scope": "eq",
"trust": 1.0,
"vendor": "measuresoft",
"version": "2.7.0"
},
{
"model": "scadapro",
"scope": "eq",
"trust": 1.0,
"vendor": "measuresoft",
"version": "3.2.8"
},
{
"model": "scadapro",
"scope": "eq",
"trust": 1.0,
"vendor": "measuresoft",
"version": "2.7.2"
},
{
"model": "scadapro",
"scope": "eq",
"trust": 1.0,
"vendor": "measuresoft",
"version": "3.9.4"
},
{
"model": "scadapro",
"scope": "eq",
"trust": 1.0,
"vendor": "measuresoft",
"version": "3.9.3"
},
{
"model": "scadapro",
"scope": "eq",
"trust": 1.0,
"vendor": "measuresoft",
"version": "2.5.3"
},
{
"model": "scadapro",
"scope": "eq",
"trust": 0.3,
"vendor": "measuresoft",
"version": "4.0"
},
{
"model": "scadapro",
"scope": "eq",
"trust": 0.3,
"vendor": "measuresoft",
"version": "0"
},
{
"model": "scadapro",
"scope": "ne",
"trust": 0.3,
"vendor": "measuresoft",
"version": "4.0.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scadapro",
"version": "2.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scadapro",
"version": "2.2"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scadapro",
"version": "2.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scadapro",
"version": "2.4"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scadapro",
"version": "2.4.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scadapro",
"version": "2.4.2"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scadapro",
"version": "2.4.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scadapro",
"version": "2.4.4"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scadapro",
"version": "2.4.5"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scadapro",
"version": "2.4.6"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scadapro",
"version": "2.5"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scadapro",
"version": "2.5.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scadapro",
"version": "2.5.2"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scadapro",
"version": "2.5.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scadapro",
"version": "2.5.4"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scadapro",
"version": "2.5.5"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scadapro",
"version": "2.6.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scadapro",
"version": "2.7.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scadapro",
"version": "2.7.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scadapro",
"version": "2.7.2"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scadapro",
"version": "2.8.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scadapro",
"version": "2.9.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scadapro",
"version": "3.1.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scadapro",
"version": "3.2.8"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scadapro",
"version": "3.2.9"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scadapro",
"version": "3.3.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scadapro",
"version": "3.3.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scadapro",
"version": "3.3.2"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scadapro",
"version": "3.9.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scadapro",
"version": "3.9.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scadapro",
"version": "3.9.2"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scadapro",
"version": "3.9.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scadapro",
"version": "3.9.4"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scadapro",
"version": "3.9.5"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scadapro",
"version": "3.9.6"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scadapro",
"version": "3.9.7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scadapro",
"version": "3.9.8"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scadapro",
"version": "3.9.9"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scadapro",
"version": "3.9.10"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scadapro",
"version": "3.9.11"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scadapro",
"version": "3.9.12"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scadapro",
"version": "3.9.13"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scadapro",
"version": "3.9.14"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scadapro",
"version": "3.9.15"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scadapro",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "a45c75f2-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-3670"
},
{
"db": "CNVD",
"id": "CNVD-2011-3674"
},
{
"db": "CNVD",
"id": "CNVD-2011-3676"
},
{
"db": "CNVD",
"id": "CNVD-2011-3675"
},
{
"db": "CNVD",
"id": "CNVD-2011-3673"
},
{
"db": "BID",
"id": "49613"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002235"
},
{
"db": "CNNVD",
"id": "CNNVD-201109-269"
},
{
"db": "NVD",
"id": "CVE-2011-3496"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:measuresoft:scadapro",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-002235"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Luigi Auriemma",
"sources": [
{
"db": "BID",
"id": "49613"
}
],
"trust": 0.3
},
"cve": "CVE-2011-3496",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2011-3496",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "a45c75f2-2354-11e6-abef-000c29c66e3d",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2011-3496",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2011-3496",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201109-269",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "a45c75f2-2354-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "a45c75f2-2354-11e6-abef-000c29c66e3d"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002235"
},
{
"db": "CNNVD",
"id": "CNNVD-201109-269"
},
{
"db": "NVD",
"id": "CVE-2011-3496"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "service.exe in Measuresoft ScadaPro 4.0.0 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) BF, (2) OF, or (3) EF command. Service.exe has multiple boundary errors when processing messages, and sending a specially crafted command to TCP port 11234 can trigger a stack-based buffer overflow. Measuresoft ScadaPro provides integrated data phone, monitoring, logging, report generation and more. Measuresoft ScadaPro has a security vulnerability. The \\\"xF\\\" command can be used to call any function in any DLL, such as executing the application via the \\\"system()\\\" function in msvcrt.dll. Measuresoft ScadaPro has a security vulnerability and sends a special \\\"RF\\\" command to TCP port 11234 to get arbitrary file content. \nExploiting these issues could allow remote attackers to perform unauthorized actions using directory traversal strings or to execute arbitrary code or commands within the context of the affected application. Failed attempts will likely cause denial-of-service conditions",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-3496"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002235"
},
{
"db": "CNVD",
"id": "CNVD-2011-3670"
},
{
"db": "CNVD",
"id": "CNVD-2011-3674"
},
{
"db": "CNVD",
"id": "CNVD-2011-3676"
},
{
"db": "CNVD",
"id": "CNVD-2011-3675"
},
{
"db": "CNVD",
"id": "CNVD-2011-3673"
},
{
"db": "BID",
"id": "49613"
},
{
"db": "IVD",
"id": "a45c75f2-2354-11e6-abef-000c29c66e3d"
}
],
"trust": 4.77
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "49613",
"trust": 4.1
},
{
"db": "NVD",
"id": "CVE-2011-3496",
"trust": 2.9
},
{
"db": "ICS CERT ALERT",
"id": "ICS-ALERT-11-256-04",
"trust": 2.4
},
{
"db": "EXPLOIT-DB",
"id": "17848",
"trust": 1.6
},
{
"db": "SREASON",
"id": "8382",
"trust": 1.0
},
{
"db": "CNNVD",
"id": "CNNVD-201109-269",
"trust": 0.8
},
{
"db": "OSVDB",
"id": "75571",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002235",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2011-3670",
"trust": 0.6
},
{
"db": "CNVD",
"id": "CNVD-2011-3674",
"trust": 0.6
},
{
"db": "CNVD",
"id": "CNVD-2011-3676",
"trust": 0.6
},
{
"db": "CNVD",
"id": "CNVD-2011-3675",
"trust": 0.6
},
{
"db": "CNVD",
"id": "CNVD-2011-3673",
"trust": 0.6
},
{
"db": "ICS CERT",
"id": "ICSA-11-263-01",
"trust": 0.3
},
{
"db": "IVD",
"id": "A45C75F2-2354-11E6-ABEF-000C29C66E3D",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "a45c75f2-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-3670"
},
{
"db": "CNVD",
"id": "CNVD-2011-3674"
},
{
"db": "CNVD",
"id": "CNVD-2011-3676"
},
{
"db": "CNVD",
"id": "CNVD-2011-3675"
},
{
"db": "CNVD",
"id": "CNVD-2011-3673"
},
{
"db": "BID",
"id": "49613"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002235"
},
{
"db": "CNNVD",
"id": "CNNVD-201109-269"
},
{
"db": "NVD",
"id": "CVE-2011-3496"
}
]
},
"id": "VAR-201109-0168",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "a45c75f2-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-3670"
},
{
"db": "CNVD",
"id": "CNVD-2011-3674"
},
{
"db": "CNVD",
"id": "CNVD-2011-3676"
},
{
"db": "CNVD",
"id": "CNVD-2011-3675"
},
{
"db": "CNVD",
"id": "CNVD-2011-3673"
}
],
"trust": 4.2
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 3.2
}
],
"sources": [
{
"db": "IVD",
"id": "a45c75f2-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-3670"
},
{
"db": "CNVD",
"id": "CNVD-2011-3674"
},
{
"db": "CNVD",
"id": "CNVD-2011-3676"
},
{
"db": "CNVD",
"id": "CNVD-2011-3675"
},
{
"db": "CNVD",
"id": "CNVD-2011-3673"
}
]
},
"last_update_date": "2025-04-11T22:53:59.088000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "scada-products",
"trust": 0.8,
"url": "http://www.measuresoft.com/products/scada-products.aspx"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-002235"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-002235"
},
{
"db": "NVD",
"id": "CVE-2011-3496"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.0,
"url": "http://aluigi.altervista.org/adv/scadapro_1-adv.txthttp"
},
{
"trust": 2.4,
"url": "http://www.us-cert.gov/control_systems/pdf/ics-alert-11-256-04.pdf"
},
{
"trust": 1.9,
"url": "http://aluigi.altervista.org/adv/scadapro_1-adv.txt"
},
{
"trust": 1.6,
"url": "http://www.exploit-db.com/exploits/17848"
},
{
"trust": 1.0,
"url": "http://securityreason.com/securityalert/8382"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-3496"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-3496"
},
{
"trust": 0.8,
"url": "http://osvdb.org/75571"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/49613"
},
{
"trust": 0.3,
"url": "http://www.measuresoft.com/products/scada-products.aspx"
},
{
"trust": 0.3,
"url": "/archive/1/519637"
},
{
"trust": 0.3,
"url": "http://www.us-cert.gov/control_systems/pdf/icsa-11-263-01.pdf"
},
{
"trust": 0.3,
"url": "http://www.measuresoft.net/news/post/inaccurate-reports-of-measuresoft-scadapro-400-vulnerability.aspx"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-3670"
},
{
"db": "CNVD",
"id": "CNVD-2011-3674"
},
{
"db": "CNVD",
"id": "CNVD-2011-3676"
},
{
"db": "CNVD",
"id": "CNVD-2011-3675"
},
{
"db": "CNVD",
"id": "CNVD-2011-3673"
},
{
"db": "BID",
"id": "49613"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002235"
},
{
"db": "CNNVD",
"id": "CNNVD-201109-269"
},
{
"db": "NVD",
"id": "CVE-2011-3496"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "a45c75f2-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-3670"
},
{
"db": "CNVD",
"id": "CNVD-2011-3674"
},
{
"db": "CNVD",
"id": "CNVD-2011-3676"
},
{
"db": "CNVD",
"id": "CNVD-2011-3675"
},
{
"db": "CNVD",
"id": "CNVD-2011-3673"
},
{
"db": "BID",
"id": "49613"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002235"
},
{
"db": "CNNVD",
"id": "CNNVD-201109-269"
},
{
"db": "NVD",
"id": "CVE-2011-3496"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-09-19T00:00:00",
"db": "IVD",
"id": "a45c75f2-2354-11e6-abef-000c29c66e3d"
},
{
"date": "2011-09-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-3670"
},
{
"date": "2011-09-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-3674"
},
{
"date": "2011-09-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-3676"
},
{
"date": "2011-09-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-3675"
},
{
"date": "2011-09-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-3673"
},
{
"date": "2011-09-13T00:00:00",
"db": "BID",
"id": "49613"
},
{
"date": "2011-09-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-002235"
},
{
"date": "2011-09-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201109-269"
},
{
"date": "2011-09-16T17:26:14.747000",
"db": "NVD",
"id": "CVE-2011-3496"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-09-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-3670"
},
{
"date": "2011-09-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-3674"
},
{
"date": "2011-09-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-3676"
},
{
"date": "2011-09-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-3675"
},
{
"date": "2011-09-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-3673"
},
{
"date": "2011-09-20T21:30:00",
"db": "BID",
"id": "49613"
},
{
"date": "2011-09-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-002235"
},
{
"date": "2011-09-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201109-269"
},
{
"date": "2025-04-11T00:51:21.963000",
"db": "NVD",
"id": "CVE-2011-3496"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201109-269"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Measuresoft ScadaPro service.exe Input validation vulnerability",
"sources": [
{
"db": "IVD",
"id": "a45c75f2-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201109-269"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Input validation",
"sources": [
{
"db": "IVD",
"id": "a45c75f2-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201109-269"
}
],
"trust": 0.8
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…